Skip to main content

Last Call Review of draft-ietf-payload-rtp-aptx-04
review-ietf-payload-rtp-aptx-04-secdir-lc-kivinen-2013-12-12-00

Request Review of draft-ietf-payload-rtp-aptx
Requested revision No specific revision (document currently at 05)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2013-12-06
Requested 2013-11-28
Authors John Lindsay, Hartmut Foerster
Draft last updated 2013-12-12
Completed reviews Genart Last Call review of -04 by Wassim Haddad (diff)
Secdir Last Call review of -04 by Tero Kivinen (diff)
Assignment Reviewer Tero Kivinen
State Completed
Review review-ietf-payload-rtp-aptx-04-secdir-lc-kivinen-2013-12-12
Reviewed revision 04 (document currently at 05)
Result Has Nits
Completed 2013-12-12
review-ietf-payload-rtp-aptx-04-secdir-lc-kivinen-2013-12-12-00
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document describes how to transmit proprietary audio codec
algorithms standard apt-X and enchanced apt-X in the RTP. The document
has security considerations section which seems to be OK.

If I have understood correctly the codec is constant bit rate codec,
thus it is not vulnerable to the traffic analysis attacks described
for example in the draft-ietf-avtcore-srtp-vbr-audio document. Perhaps
the security considerations section could note that these codecs are
not vulnerable to those attacks (if that is in deed true).
-- 
kivinen at iki.fi